Planning for and Managing Devices in the Enterprise Enterprise Mobility Suite and On Premises Tools 20398

5 days


This course teaches IT professionals how to use the Enterprise Mobility Suite to manage devices, users, and data. In addition, this course teaches students how to use other technologies, such as Group Policy and other Windows Server–based technologies, to manage devices and secure data. Students will learn how to design and implement cloud-based and on-premises solutions for managing Windows-based, iOS, and Android devices, and they will learn how to provide secure and efficient access to data and applications.


This course is intended for IT professionals and consultants who plan, deploy, and manage devices and applications in medium to large organizations. A significant portion of this audience works in on-premises Active Directory Domain Services (AD DS) environments with both domain-joined and non-domain joined devices, for which they need to provide mobile device management and secure data access. Devices in such environments typically run Windows 10, Windows 10 Mobile, iOS, and Android. They plan to extend on-premises AD DS to the cloud and they need to learn how to plan and implement Enterprise Mobility Suite.

Skills Gained

At the completion of this course, participants will be able to:

  • Use devices in the enterprise environment.
  • Implement and administer Microsoft Azure Active Directory (Azure AD).
  • Connect AD DS with Azure AD.
  • Manage devices in Microsoft Office 365.
  • Plan and implement Intune.
  • Use Intune to manage devices.
  • Plan and implement app support.
  • Use Intune to manage applications and Resource Access.
  • Plan and implement Microsoft Azure Rights Management (Azure RMS).
  • Plan and implement Remote Access.
  • Plan and implement Dynamic Access Control and auditing.
  • Plan and protect data.
  • Recover data and operating systems.


In addition to their professional experience, students who attend this training should already have the following technical knowledge:

  • TCP/IP networking fundamentals
  • Understanding of Domain Name System (DNS)
  • Working knowledge of Active Directory principles
  • Understanding of the public key infrastructure (PKI) fundamentals
  • Understanding of cloud-based service concepts
  • Windows Server 2012 R2 fundamentals, including Remote Desktop Services
  • Experience with Windows 10
  • Familiarity with Windows PowerShell
  • Basic knowledge of mobile platforms

Course Outline

Module 1: Using devices in the enterprise environment

  • Overview of devices in an enterprise
  • Device management features
  • Overview of the Enterprise Mobility Suite
  • Lab : Planning for device management
  • Selecting the appropriate products and technologies for device management
  • Working with mobile devices

Module 2: Implementing and administering Azure AD

  • Overview of AD DS
  • Overview of Azure AD
  • Creating and managing Azure AD
  • Managing authentication in Azure AD
  • Lab : Working with Azure AD and providing access to claims-aware applications
  • Managing Azure AD users and groups
  • Joining a Windows 10 device to Azure AD
  • Accessing cloud applications with SSO

Module 3: Connecting AD DS with Azure AD

  • Preparing AD DS for directory synchronization
  • Implementing Azure AD Connect
  • Planning and implementing federation
  • Lab : Synchronizing on-premises AD DS with Azure AD
  • Verifying synchronization of new objects
  • Implementing and using Azure AD Premium features

Module 4: Managing devices in Office 365

  • Overview of Office 365
  • MDM for Office 365
  • Lab : Managing devices in Office 365
  • Configuring and testing mobile device management in Office 365

Module 5: Planning and implementing Microsoft Intune

  • Planning for Intune
  • Deploying Intune clients
  • Basic Intune administration
  • Lab : Planning and implementing Intune
  • Deploying Intune clients and linking computers to users
  • Create Intune users
  • Delegating Intune permissions
  • Creating Intune groups

Module 6: Managing devices by using Intune

  • Working with Microsoft Intune policies
  • Mobile device management
  • Managing updates and Windows Defender
  • Lab : Using Microsoft Intune policies to manage devices
  • Configuring Azure AD with automatic mobile device management enrollment
  • Lab : Managing updates and Windows Defender
  • Managing updates by using Intune
  • Managing Windows Defender by using Intune

Module 7: Using Microsoft Intune to manage applications and resource access

  • Application lifecycle management
  • Application deployment process
  • Managing access to company resources
  • Lab : Using Intune to deploy and monitor applications
  • Using Intune to deploy and monitor applications
  • Lab : Using Intune to manage resource access
  • Configuring certificate deployment in Intune
  • Configuring conditional access policies

Module 8: Planning and implementing Azure RMS

  • Overview of Azure RMS.
  • Implementing Azure RMS.
  • Lab : Using Azure RMS to protect documents and data
  • Protecting documents with Azure RMS
  • Using FCI with Azure RMS

Module 9: Planning and implementing app support

  • Planning and implementing application compatibility options
  • Publishing and using RemoteApp programs
  • Publishing and using Azure RemoteApp
  • Lab : Publishing and using RemoteApp and Azure RemoteApp
  • Publishing and accessing RemoteApp programs
  • Publishing and accessing Azure RemoteApp programs

Module 10: Planning and implementing remote access

  • Overview of remote access solutions
  • Implementing remote infrastructure access
  • Planning and implementing Work Folders
  • Implementing cloud data access
  • Planning and implementing mobility options
  • Lab : Configuring and using VPN and Work Folders
  • Configuring a VPN server and a VPN client
  • Configuring and using Work Folders
  • Lab : Using Offline Files and OneDrive
  • Configuring and using Offline Files
  • Synchronize settings between Windows 10 devices
  • Configuring and using OneDrive

Module 11: Planning and implementing Dynamic Access Control and auditing

  • Planning and implementing Dynamic Access Control
  • Accessing resources with Dynamic Access Control
  • Planning and deploying advanced audit policies
  • Lab : Implementing secure data access
  • Preparing for Dynamic Access Control deployment
  • Implementing Dynamic Access Control
  • Validating and remediating Dynamic Access Control
  • Using advanced audit policies

Module 12: Planning and protecting data

  • Planning and implementing encryption
  • Planning and implementing BitLocker
  • Protecting data on devices
  • Lab : Protecting data by using encryption and BitLocker
  • Encrypting and recovering access to encrypted files
  • Using BitLocker to protect data

Module 13: Recovering data and operating systems

  • Planning and implementing file recovery
  • Planning and implementing device recovery
  • Planning and implementing updates
  • Lab : Implementing file recovery and device recovery
  • Using File History to recover files
  • Using Previous Versions to recover files
  • Recovering a device with a restore point
  • Using the advanced startup options to recover a device

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost effective option.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

Upcoming Dates

  • GREEN This class is Guaranteed To Run.
  • SPVC - Self-Paced Virtual Class.
  • Click a Date to Enroll.
Course Location Days Cost Date
Onsite5 2500 £2500 2019-06-17